
United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 
Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Alexandria, Virginia 223 1 3- 1 450 
www.uspto.gov 



APPLICATION NO. 



FILING DATE 



FIRST NAMED INVENTOR 



ATTORNEY DOCKET NO. CONFIRMATION NO. 



09/755,520 



01/05/2001 



; 7590 10/18/2005 

:v&H&v. Anne Vachon Dougherty 

I % 3173 Cedar Road 

- * Yorktown Heights, NY 10598 



Heiko H. Ludwig 



CH9- 1999-0042 



5060 



EXAMINER 



BACKER, FIRMIN 



ART UNIT 



PAPER NUMBER 



3621 

DATE MAILED: 10/18/2005 



Please find below and/or attached an Office communication concerning this application or proceeding. 




PTO-90C (Rev. 10/03) 



kstticg Mcziun ouuiniary 


Application No. 

09/755,520 


Applicant(s) 

LUDWIG ET AL 


Examiner 

FIRMN BACKER 


Art Unit 

3621 





•• The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)^ Responsive to communication(s) filed on 03 August 2005 . 
2a)D This action is FINAL. 2b)^ This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-36 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) S Claim(s) 1-20 and 27-36 is/are allowed. 

6) [3 Claim(s) 21-26 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 1 1 9 

1 2) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 1 9(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1) □ Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-413) 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. . 

3) □ Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08) 5 ) D Notice of Informal Patent Application (PTO-152) 

Paper No(s)/Mail Date . 6) □ Other: . 
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DETAILED ACTION 
Response to Arguments 

1 . Applicants arguments with respect to claims 1-36 have been considered but are moot in 
view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 112 

2. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

3. Claims 24-26 are rejected under 35 U.S.C. 1 12, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. 

4. Regarding claims 24-26, the word "means" is preceded by the word(s) "receiving, 
retrieving, transmission, . ..." in an attempt to use a "means" clause to recite a claim element as a 
means for performing a specified function. However, since no function is specified by the 
word(s) preceding "means," it is impossible to determine the equivalents of the element, as 
required by 35 U.S.C. 1 12, sixth paragraph. See Ex parte Klumb, 159 USPQ 694 (Bd. App. 
1967). 
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Claim Rejections - 35 USC § 102 

5. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 35 1(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

6. Claims 21-26 are rejected under 35 U.S.C. 102(e) as being anticipated by Sudia et al 
(U.S. 2002/0029337). 

7. As per claims 21, Sudia et al teach a Transaction Authorization Method encoded on a 
computer readable medium, the method having the following steps: (a) receiving a request for a 
transaction; (b) obtaining an electronic representation of a document having details of the 
transaction from a Digital Document Database; (c) obtaining the role certificate signed with a 
signature by a Transaction Administrator from a Role Certificate Database and verifying the 
signature; (d) returning the transaction details to the requester; (e) awaiting and receiving from 
the requester the completed representation, signed by the requester; (f) requesting the 
Authorization Structure for the transaction from the Authorization Structure Database, the 
Authorization Structure being pre-signed with a signature by the Transaction Administrator and 
verifying the signature, and choosing a permission set of role names and user members of the 
permission set to contact to sign in these role names; (g) forwarding details of the transaction 
request with the signature of the requester to others having roles corresponding to the chosen 
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permission set and collecting signatures of each role indicated in-the permission set; (h) 
requesting role certificates from the Role Certificate Database and signatures for each member of 
the permission set and encoding the same on the document; and (i) forwarding the completed 
electronic document including the signatures and role certificates to the requester, the document 
including authorization details required in order to confirm the validity of the transaction (see 
paragraphs 0024, 0043, 0050, 0054, 0074-0075, 0081, 0085). 

8. As per claims 22, Sudia et al teach a Transaction Authorization Method wherein the role 
certificates and the Authorization Structure consist of hashed information about permission sets 
and roles, such hashed information substituting for the unhashed role certificates and permission 
sets (see paragraphs 0024, 0043, 0050, 0054, 0074-0075, 0081, 0085). 

9. As per claims 23, Sudia et al teach a Transaction Authorization Method of receiving an 
electronic document representing a transaction, associated transaction details being signed by a 
Transaction Authority, a collection of role certificates certifying named roles signed by a Role 
Authority, the transaction details signed by each of the signing keys corresponding to the 
verification keys in the role certificates, and the Authorization Structure; (b) using a verification 
key of the Role Authority to check each certificate on the document; (c) in the following manner, 
checking the signatures on the transaction details using the verification keys in the supplied role 
certificates: i. extracting the named roles from the role certificates; ii. hashing the roles using a 
hash-of-hashes process; iii. checking the computed hash value of the transaction against that was 
originally signed by the Transaction Authority to ensure that it is equal to the value for the 
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transaction received in the Authorization Structure; iv. using the output of the hash-of-hashes 
process as input to check the signature on the hash-of-hashes process; if the produced hash-of- 
hashes string matches the hashed string signed by the Transaction Authority, then assuming that 
the request is authorized; and (d) reporting the result {see paragraphs 0024, 0043, 0050, 0054, 
0074-0075, 0081, 0085). 

10. As per claims 24, Sudia et al teach a distributed workflow management system encoded 
with a Transaction Authorization Method, the method having the following steps: (a) receiving 
means for receiving a request for a transaction; (b) retrieving means for obtaining an electronic 
representation of a document having details of the transaction from a Digital Document 
Database; (c) retrieving means for obtaining the role certificate signed with a signature by a 
Transaction Administrator from a Role Certificate Database and verifying the signature; (d) 
transmission means for returning the transaction details to the requester; (e) receiving means for 
receiving from the requester the completed representation, signed by the requester; (f) querying 
means for requesting the Authorization Structure for the transaction from the Authorization 
Structure Database, the Authorization Structure being pre-signed with a signature by the 
Transaction Administrator; (g) verifying means for verifying the signature; (h) selection means 
for choosing a permission set of role names and user members of the permission set to contact to 
sign in these, role names; (i) transmission means for forwarding details of the transaction request 
with the signature of the requester to others having roles corresponding to the chosen permission 
set and collecting signatures of each role indicated in the permission set; (j) retrieving means for 
requesting role certificates from the Role Certificate Database and signatures for each member of 
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the permission set; (k) encoding means for encoding the signatures gathered in step (j) on the 
document; and (1) transmission means for forwarding the completed electronic document 
including the signatures and role certificates to the requester, the document including 
authorization details required in order to confirm the validity of the transaction (see paragraphs 
0024, 0043, 0050, 0054, 0074-0075, 0081, 0085). 

11. As per claims 25, Sudia et al teach a system wherein the role certificates and the 
Authorization Structure consist of hashed information about permission sets and roles, such 
hashed information substituting for the unhashed role certificates and permission sets (see 
paragraphs 0024, 0043, 0050, 0054, 0074-0075, 0081, 0085). 

12. As per claims 26, Sudia et al teach a distributed workflow management system encoded 
with a Transaction Verification Method, the method having the following steps: (a) receiving an 
electronic document representing a transaction, associated transaction details being signed by a 
Transaction Authority, a collection of role certificates certifying named roles signed by a Role 
Authority, the transaction details signed by each of the signing keys corresponding to the 
verification keys in the role certificates, and the Authorization Structure; (b) using a verification 
key of the Role Authority to check each certificate on the document; (c) in the following manner, 
checking the signatures on the transaction details using the verification keys in the supplied role 
certificates: i. extracting the named roles from the role certificates; ii. hashing the roles using a 
hash-of-hashes process; iii. checking the computed hash value of the transaction against that was 
originally signed by the Transaction Authority to ensure that it is equal to the value for the 
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transaction received in the Authorization Structure; iv. using the output of the hash-of-hashes 
process as input to check the signature on the hash-of-hashes process; if the produced hash-of- 
hashes string matches the hashed string signed by the Transaction Authority, then assuming that 
the request is authorized; and (d) reporting the result {see paragraphs 0024, 0043, 0050, 0054, 
0074-0075, 0081, 0085). 



Allowable Subject Matter 

13. Claims 1-20 and 27-36 allowed. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to FIRMN BACKER whose telephone number is 571-272-6703. 
The examiner can normally be reached on Monday - Thursday 9:00 AM - 5:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, James Trammell can be reached on (571) 272-6712. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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